Method and apparatus for protecting data retrieved from a database

US 6,671,687 B1
Filed: 09/29/2000
Issued: 12/30/2003
Est. Priority Date: 09/29/2000
Status: Expired due to Term

- Alert
- Pin

First Claim

Patent Images

1. A method for use in a database system, comprising:

assigning a user-defined data type to data stored in the database system, the user-defined data type defining an access restriction to the data;

receiving a request for the data according to the user-defined data type in the database system;

invoking a method associated with the user-defined data type to access the data wherein the method is accessible only by one or more authorized users; and

preparing the data for transmission in response to the request for data, based on the access restriction.

View all claims

6 Assignments

Timeline View

Assignment View

Litigations

0 Petitions

Accused Products

Abstract

A method and apparatus enables remote access of data of a database system. Such access may be performed by a remote device, such as a client computer system. A custom defined data type is assigned to data stored in the database system, the custom data type associates an access restriction to the data. A request for the data may be received over a communication network, such as the Internet or a local area network (LAN). In response to the request, the database system prepares the data for transmission and provides the requested information back over the communication network. The data is accessed using a security restriction defined by the custom data type.

97 Citations

View as Search Results

24 Claims

1. A method for use in a database system, comprising:
- assigning a user-defined data type to data stored in the database system, the user-defined data type defining an access restriction to the data;
  
  receiving a request for the data according to the user-defined data type in the database system;
  
  invoking a method associated with the user-defined data type to access the data wherein the method is accessible only by one or more authorized users; and
  
  preparing the data for transmission in response to the request for data, based on the access restriction.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 19, 20, 21)
- - 2. The method of claim 1, wherein receiving the request for data comprises receiving a Structured Query Language query.
  - 3. The method of claim 1, wherein receiving the request comprises receiving a query for credit card information.
  - 4. The method of claim 1, further comprising performing comparison of the restricted data in response to the request for data.
  - 5. The method of claim 4, wherein performing the comparison comprises using a method associated with the user-defined data type to perform the comparison of the data.
  - 6. The method of claim 1, further comprising encrypting the data prior to transmission.
  - 7. The method of claim 6, wherein encrypting the data comprises using a method associated with the user-defined data type to encrypt the data.
  - 8. The method of claim 7, wherein encrypting the data comprises performing a public-private key encryption.
  - 19. The method of claim 1, further comprising determining whether access to the data is allowed based on the access restriction provided by the user-defined data type.
  - 20. The method of claim 1, further comprising receiving a statement to create the user-defined data type in the database system.
  - 21. The method of claim 20, wherein receiving the statement comprises receiving a Structured Query Language statement.

9. A system comprising:
- a first database; and
  
  a first database controller coupled to the first database, wherein the first database controller is adapted to provide a security protocol defined by a user-defined data type to protect data according to the user-defined data type stored in the first database, the security protocol defining an access restriction.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16, 22)
- - 10. The system of claim 9, wherein the first database is a parallel database system.
  - 11. The system of claim 9, wherein the first database controller further comprises:
12. The system of claim 11, the query coordinator to direct the client specific application to retrieve data from the first database in response to a data query.
13. The system of claim 11, the client specific application to create the user-defined data type.
14. The system of claim 9, further comprising at least one method associated with the user-defined data type to access the data using the security protocol.
15. The system of claim 9, wherein the data stored in the first database comprises credit card information.
16. The system of claim 15, wherein the credit card information is assigned a secured data type according to the user-defined data type.
22. The system of claim 9, the first database controller to create the user-defined data type in response to a Structured Query Language statement.

17. An article comprising one or more storage media containing instructions that when executed cause a device to:
- store data in a database system, at least a portion of the stored data being according to a first user-defined data type;
  
  restrict access to the data portion based upon security provided by the first user-defined data type;
  
  enable a database operation using the data portion;
  
  without enabling access to the data portion; and
  
  invoke a method associated with the user-defined data type to access the data portion, the method associated with a privilege level.
- View Dependent Claims (18, 23, 24)
- - 18. The article of claim 17, wherein the instructions when executed cause the device to assign one or more authorized entities, based on the privilege level and ability to use the method.
  - 23. The article of claim 17, wherein the instructions when executed cause the device to create the user-defined data type in response to a statement.
  - 24. The article of claim 23, wherein the instructions when executed cause the device to create the user-defined data type in response to a Structured Query Language statement.

Specification

Resources

Litigation Campaign Assessment

Litigation Data

Current Assignee
NCR Voyix Corporation
Original Assignee
NCR Corporation
Inventors
Milby, Gregory H., Pederson, Donald R., Kaufmann, Fred S.
Primary Examiner(s)
Coby, Frantz
Assistant Examiner(s)
NGUYEN, MERILYN P

Application Number

US09/675,275
Time in Patent Office

1,187 Days
Field of Search

705/77, 705/40, 709/250, 709/225, 707/10, 707/104, 707/3, 707/9, 707/2, 707/6, 707/101, 395/186
US Class Current

1/1
CPC Class Codes

G06F 12/1408   by using cryptography for d...

G06F 21/6227   where protection concerns t...

Y10S 707/99939   Privileged access

Method and apparatus for protecting data retrieved from a database

First Claim

6 Assignments

Litigations

0 Petitions

Accused Products

Abstract

97 Citations

24 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for protecting data retrieved from a database

First Claim

6 Assignments

Subscription Required

Subscription Required

Litigations

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

97 Citations

24 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links